* Alpine will delete passwords that do not work from internal memory

     and the local password cache (password file or system local cache.)

3 files changed, 64 insertions, 1 deletions

diff --git a/pith/imap.c b/pith/imap.c
index f91937b1..7c74efaf 100644
--- a/pith/imap.c
+++ b/pith/imap.c
@@ -1149,6 +1149,64 @@ imap_flush_passwd_cache(int dumpcache)
     }
 }
 
+void
+imap_delete_passwd(MMLOGIN_S **m_list, char *user, STRLIST_S *hostlist, int altflag)
+{
+  if(m_list == NULL || *m_list == NULL) return;
+  imap_delete_passwd_auth(m_list, user, hostlist, altflag,
+		strchr((*m_list)->user, PWDAUTHSEP) != NULL ? OA2NAME : NULL);
+}
+
+void
+imap_delete_passwd_auth(MMLOGIN_S **m_list, char *user,
+	STRLIST_S *hostlist, int altflag, char *authtype)
+{
+   MMLOGIN_S *l, *p;
+   int len, offset;
+
+   if(m_list == NULL || *m_list == NULL) return;
+
+   dprint((9, "imap_delete_password: user=%s, host=%s, authtype=%s.",
+		user ? user : "no user!?",
+		hostlist && hostlist->name ? hostlist->name : "unknown host",
+		authtype ? authtype : "password authentication"));
+
+   len = authtype ? strlen(authtype) : 0;
+   offset = authtype ? 1 : 0;
+   for(p = *m_list; p; p = p->next){
+       if(imap_same_host_auth(p->hosts, hostlist, authtype)
+	  && *user
+	  && (len == 0 || (!struncmp(p->user, authtype, len)
+			   && p->user[len] == PWDAUTHSEP))
+	  && !strcmp(user, p->user + len + offset)
+	  && p->altflag == altflag)
+	  break;
+   }
+
+   dprint((9, "imap_delete_password: %s", 
+		p ? "found a match!" : "did not find a match!"));
+
+   if(!p) return;
+
+   /* relink *mlist */
+   if(p == *m_list)
+      *m_list = (*m_list)->next;
+   else{
+      for(l = *m_list; l && l->next != p; l = l->next);
+      l->next = p->next;
+   }
+   /* so now p is out of the list. Free it */
+   p->next = NULL;
+   if(p->user) fs_give((void **) &p->user);
+
+   if(!(p->passwd >= (char *) private_store
+	&& p->passwd <= (char *) private_store + sizeof(private_store)))
+     fs_give((void **) &p->passwd);
+
+   free_strlist(&p->hosts);
+   fs_give((void **) &p);
+   dprint((9, "imap_delete_password: done with deletion."));
+}
 
 /*
  * Mimics fs_get except it only works for char * (no alignment hacks), it
diff --git a/pith/imap.h b/pith/imap.h
index b6575565..8c78a9c6 100644
--- a/pith/imap.h
+++ b/pith/imap.h
@@ -131,6 +131,8 @@ int	imap_get_passwd_auth (MMLOGIN_S *, char **, char *, STRLIST_S *, int, char *
 void    imap_set_passwd(MMLOGIN_S **, char *, char *, STRLIST_S *, int, int, int);
 void    imap_set_passwd_auth(MMLOGIN_S **, char *, char *, STRLIST_S *, int, int, int, char *);
 void    imap_flush_passwd_cache(int);
+void	imap_delete_passwd_auth (MMLOGIN_S **, char *, STRLIST_S *, int, char *);
+void	imap_delete_passwd (MMLOGIN_S **, char *, STRLIST_S *, int);
 
 
 /* currently mandatory to implement stubs */
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 2b865435..0e3f27cc 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
 reasonable place to be called from.
 Dummy change to get revision in pine.hlp
 ============= h_revision =================
-Alpine Commit 587 2021-09-07 08:43:39
+Alpine Commit 588 2021-09-09 21:01:05
 ============= h_news =================
 <HTML>
 <HEAD>
@@ -237,6 +237,9 @@ New features include:
 
 <LI> Add option -xoauth2-flow to the command line, so that users can specify the
      parameters to set up an xoauth2 connection through the command line.
+
+<LI> Alpine deletes, from its internal memory and external cache, passwords
+     that do not work, even if they were saved by the user.
 </UL>
 
 <P>